Re: Linux and security
From: Johannes Halmann (softpro_at_gmx.net)
Date: 07/28/03
- Next message: Denice DEATRICH: "Re: Restricitng SSH for CVS user"
- Previous message: Johannes Halmann: "Re: Linux and security"
- In reply to: Nick Austin: "Re: Linux and security"
- Next in thread: erik: "Re: Linux and security"
- Reply: erik: "Re: Linux and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Jul 2003 10:55:03 +0200
>> i don't necessarily agree... viruses are less common on linux because its
>> market share isn't yet big enough....
> Linux and other *nix like platforms run more web servers then windows.
what do webservers have to do with viruses?? how would a virus come to be
"installed" on a webserver?? are you sure that you're not talking about
worms?
> Just as you can delete only your own files (i.e., those you have "write"
> permission to), executables you run cannot affect other users' (or
> root's) files. Therefore, although you can create (or retrieve), and then
> run, a virus, worm, trojan horse, etc., it can't do much.
exactly my point. but as many, many systems are used by exactly ONE person,
the deletion of his/her files becomes equivalent to a system-wide
infection. what else could happen to the system that is graver than the
loss of the systems only user?
i have actually read this article before and i can't see AT ALL how that
refutes what i posted earlier??
what i was saying was:
* current *nix users are more professional than the overall average user
* the root user is (still) used with caution. but looking at lindows and
the need of users to install software that is not supplied by their
distribution will give rise to root-installed software from untrusted
sources.
* the deletion of a users files is damage enough! to say: "well, but the OS
is unharmed" is missing the point. on systems with only one user the system
matters less than the users data!
* SELinux or other ACL, role-based models could really do something against
the threat of viruses, but someone will ALWAYS have to have access to
files. maybe you can deny him the right to delete files or have different
users for "creating files", "changing files", ...
'nuf said,
jethr0
- Next message: Denice DEATRICH: "Re: Restricitng SSH for CVS user"
- Previous message: Johannes Halmann: "Re: Linux and security"
- In reply to: Nick Austin: "Re: Linux and security"
- Next in thread: erik: "Re: Linux and security"
- Reply: erik: "Re: Linux and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
